CVE-2018-10752

The Tagregator plugin 0.6 for WordPress has stored XSS via the title field in an Add New action.
References
Link Resource
https://pastebin.com/ZGr5tyP2 Exploit Third Party Advisory
https://www.exploit-db.com/exploits/45225/ Exploit Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:tagregator_project:tagregator:0.6:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2018-05-05 02:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-10752

Mitre link : CVE-2018-10752

CVE.ORG link : CVE-2018-10752


JSON object : View

Products Affected

tagregator_project

  • tagregator
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')